| Phishing as a typical fraud means of telecommunications fraud,has attracted the attention of the academic circles.Phishing is a kind of crime mechanism that makes use of social engineering and technology to cheat the user’s identity data and financial account.Phishing defense is a kind of anti-phishing means.After more than ten years of phishing research,phishing defense has made some research results.However,the current phishing use team,institutionalized approach to combat,the attack is still rampant.In view of the current phishing attacker’s team and institutional operations,while the use of elaborate phishing sites,proposed a fusion of multi-features phishing site clustering algorithm.Through the construction of phishing web DOM tree,the characteristics of phishing sites are extracted,and the similarity is calculated by using the Kulczynski 2 algorithm.Finally,the K-Means algorithm is used for clustering analysis.Based on the analysis of clustering results of eBay and PayPal,the behavior characteristics of phishing attackers’ team turn is verified.The main work and contribution of this paper is that:First,A clustering algorithm based on multiple features is proposed.This paper sampled in eBay,PayPal phishing sites.Firstly,the data is pre processed and its DOM tree is constructed.Then,the fingerprint algorithm is used to describe the features,the feature database is constructed and the similarity is calculated.Finally,based on this database to phishing web page similarity clustering.Second,Experimental analysis based on the previous algorithm.After the K-means clustering of the experimental data objects in the feature database,the clustering results are found:eBay phishing site clustering results of 83.6%phishing sites similar or equal value,PayPal phishing site clustering results of 73.0%phishing sites similar or equal value. |
PDF Full Text Request